two-factor authentication

Pierluigi Paganini July 17, 2015
Many Android and Apple Apps allow brute force attacks

According to a recent research published by experts at the AppBugs firm many Android and Apple mobile apps allow brute force attacks. Android and Apple devices are the most used worldwide, millions of mobile users every day use the apps available in their official stores, but what if the majority of these applications are vulnerable […]

Pierluigi Paganini June 29, 2015
Experts found Government Credentials on the Open Web too easily

Recorded Future discovered that credentials stolen in a number of breaches and belonging to government agencies are available online on several paste sites. According to analysts at Recorded Future, the credentials stolen in several data breached related to 100 US government domains are available online on a number of paste sites and on other websites. […]

Pierluigi Paganini April 03, 2015
Eastern European Cyber-gang manages a new Dyre Wolf campaign

Security experts from IBM discovered a very sophisticated malware campaign based on the Dyre Trojan to hack Corporate Bank Accounts. IBM has uncovered an important cyber criminal operation dubbed The Dyre Wolf due to the name of the popular Dyre malware used crooks. The Dyre malware was discovered in the wild by several security firms, […]

Pierluigi Paganini March 17, 2015
Yahoo launches its on-demand password feature

Yahoo announced its new on-demand password feature that lets users into login in their account with a code sent to their mobile phone. Yahoo has announced a new Password-Free login feature to let users access their account without the need for a password. When users will sign in his account, an on-demand password is sent to a […]

Pierluigi Paganini February 10, 2015
Phishing campaign is targeting Apple iCloud users to steal financial data

Security experts at Sophos spotted a new phishing campaign targeting iCloud users. The attackers are interested in the victims’ financial data. Sophos security firm reported that threat actors are running phishing campaign against Apple iCloud users to steal financial data. The messages sent by bad actors are tailored to appear as legitimate security alerts issued by Apple. […]

Pierluigi Paganini January 23, 2015
Google account hijacking via exploitation of XSS flaw

Security Expert Brett Buerhaus has discovered a critical flaw  on admin.google.com, which could be exploited by to Hijack an account and disable 2FA Authentication. Even the giants have their Achilles heel, the Google Apps administrator console is affected by a critical cross-site scripting (XSS) vulnerability that could be exploited by attackers to force a Google Apps admins […]

Pierluigi Paganini December 25, 2014
Hackers hit a poorly configured server to breach JPMorgan

Security experts involved in the investigation on the JPMorgan breach revealed that hackers exploited the lack of 2FA to compromise a server in the network. JPMorgan suffered months the biggest U.S. banking breach of all time, and now The New York Times provided more information on the case citing sources close to the experts involved in the […]

Pierluigi Paganini November 10, 2014
Manual phishing attacks are the simplest and most effective hacking technique

A study published by Google demonstrates that manual phishing attacks are the simplest and most effective method for hacking email accounts. A study recently published by Google demonstrates that so-called manual phishing attacks are the simplest and most effective method for hijacking users’ email address. Let’s consider that the manual phishing attacks, as suggested by the name, doesn’t use […]

Pierluigi Paganini October 22, 2014
Google improved 2-Step Verification with Security Key

Google has announced the introduction of an improved two-factor authentication mechanism based on a USB token dubbed Security Key. Google firm considers cyber security a pillar of its business, the last initiative announced by the company is the introduction of an improved two-factor authentication system for its services, including Gmail. The new 2FA process is based on the use of a […]

Pierluigi Paganini October 01, 2014
Flawed iOS 8’s Reset All Settings Option erases iCloud Docs

The MacRumors forum reported a serious flaw in iOS 8’s ‘Reset All Settings’ Option which causes the deletion of iCloud Drive documents. The Fappening case has raised the question about the level of security offered by iCloud and other cloud storage services. Apple was criticized for the way its security experts managed the flaw in iCloud file […]